Period for Reply



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133).
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )□ Responsive to communication(s) filed on . 

2a)D This action is FINAL. 2b)E3 This action is non-final. 

3) Q Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 C.D. 11, 453 O.G. 213.

Disposition of Claims 

4) E3 Claim(s) 1-30 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) |g| Claim(s) 1-14 and 21-27 is/are allowed. 

6) D Claim(s) 15-17 and 28-30 is/are rejected. 

7) £3 Claim(s) 18-20 is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)^ The drawing(s) filed on 29 June 2001 is/are: a)E3 accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a).

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
11 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12)D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f).
a)D All b)Q Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. Q Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 

1. Claims 1-30 have been examined.

Information Disclosure Statement 

2. The information disclosure statement (IDS) submitted on 06/29/2001 was filed before the 
mailing date of the first Office action on the merits. The submission is in compliance with the 
provisions of 37 CFR 1.97(b)(3). Accordingly, the information disclosure statement is being 
considered by the examiner. 

Claim Rejections - 35 USC § 101 

3. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or 
any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and 
requirements of this title. 

Claims 29 and 30 are rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. Claims 29 and 30 are drawn to computer program 
products each comprising a computer readable storage media having computer readable program 
code embodied therein. A statutory invention requires a computer element which defines 
structural and functional interrelationships between the computer program and the rest of the 
computer which permit the computer program's functionality to be realized. See MPEP § 2106 
IV. B. 1(a). This rejection may be overcome by: 

deleting "generates" in claim 29, page 22, line 17 and replacing with --causes a computer
to generate--;

deleting "authenticates" in claim 29, page 22, line 20 and replacing with --causes the
computer to authenticate--;

deleting "provides" in claim 29, page 22, line 22 and replacing with --causes the
computer to provide--;

deleting "authenticates" in claim 30, page 22, line 30 and replacing with --causes a
computer to authenticate--;

deleting "signs" in claim 30, page 23, line 1 and replacing with --causes the computer to
sign--; and

deleting "forwards" in claim 30, page 23, line 3 and replacing with --causes the computer
to provide--.

Claim Rejections - 35 USC § 112 

4. The following is a quotation of the second paragraph of 35 U.S.C. 112:

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

5. Claims 29 and 30 are rejected under 35 U.S.C. 112, second paragraph, as being indefinite
for failing to particularly point out and distinctly claim the subject matter which applicant 
regards as the invention. 

Claim 29 is rejected under 35 U.S.C. 112, second paragraph, as being incomplete for
omitting essential elements, such omission amounting to a gap between the elements. See MPEP 
§ 2172.01. The omitted element is: a computer caused by the computer program product to 
perform generating, authenticating, and providing. 

Claim 30 is rejected under 35 U.S.C. 112, second paragraph, as being incomplete for
omitting essential elements, such omission amounting to a gap between the elements. See MPEP
§ 2172.01. The omitted element is: a computer caused by the computer program product to
perform authenticating, signing, and forwarding. 

Claim Rejections - 35 USC § 102 

6. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public use or on 
sale in this country, more than one year prior to the date of application for patent in the United States. 

7. Claims 15-17 and 28 are rejected under 35 U.S.C. 102(b) as being anticipated by 
Ganesan, U.S. Patent No. 5,535,276 A. 

As per claims 15 and 28, Ganesan depicts a method and system of providing 
authentication for communications between a Kerberos client and a public key infrastructure 
(PKI) server, the method and system comprising: 

authenticating a message from the Kerberos client at a party trusted by the PKI server 
(see column 15, lines 44 (eq. (1')) and 65-67; column 16, lines 1-4; figure 2, items 110, 120, 1';
figure 3A, step 230; an authentication server receives the message V from a Kerberos client
including a Kerberos password c and performs a decryption operation, [[[TEMP-CERT]Dc]Dcy]Ecy]
to recover the temporary certificate of the Kerberos client, TEMP-CERT, to
authenticate it);

signing the authenticated message with the PKI private key of the party trusted by the
PKI server (see column 16, lines 14-15 and 20-24; figure 3A, step 230; the authentication server
signs [[TEMP-CERT]Dc] with its private key Dcy); 

and 

forwarding the authenticated message to the PKI server (see column 16, lines 57-67; 
figure 2, items 120, 1', 110, 3', and 140; transmitting the message including
[[TEMP-CERT]Dc]Dcy] to a ticket granting server).

As per claim 16, Ganesan further describes: 

incorporating an identification of a principal of the message from the Kerberos client 
with the signed authenticated message (see column 16, lines 14-15; the identifier of the client 
shown in the portion of the message, Kc,tgs,time-exp,). 

As per claim 17, Ganesan additionally points out: 

incorporating the identification of the principal in the message from the Kerberos client 
(see column 15, line 44; c,tgs,time-exp identifies the principal). 

Allowable Subject Matter 

8. Claims 1-14 and 21-27 are allowed. 

9. Claims 18-20 are objected to as being dependent upon a rejected base claim, but would 
be allowable if rewritten in independent form including all of the limitations of the base claim 
and any intervening claims. 

10. The following is an examiner's statement of reasons for allowance:

Claims 1-14 and 27 are drawn to a method and system of authenticating a message from a 
client using a first authentication protocol to a resource manager using a second authentication 
protocol different from the first authentication protocol, respectively. The closest prior art, 
Ganesan, U.S. Patent No. 5,535,276 A, shows a similar method and system. 

Ganesan illustrates a method of authenticating a message from a client using a first 
authentication protocol (see column 16, lines 44-57; figure 2, items 110, 140, and 3'; a modified
Kerberos protocol using temporary public private keys) to a server using a second authentication
protocol different from the first authentication protocol (see column 17, lines 63-67; column 18,
lines 1-13; figure 2, items 110, 150, and 6'; a server using a digital signature with a long-term
private key for authentication to a processor knowledge of the server's long-term public key), 
comprising: 

generating a second message from the message from the client (see column 17, lines 14- 
25; figure 2, items 110, 140, and 4'; figure 3A, step 340; the ticket granting server signs the
message from the client using its private key), and 

the second message including information from the client which has been authenticated 
using the first authentication protocol (see column 17, lines 15-25; figure 2, items 110, 140, and
4'; figure 3A, step 360; where the tgs_rep message contains the ticket granting ticket, Tc,tgs; see
column 16, lines 64-67; column 17, lines 1-4; figure 2, items 110, 140, and 3'; figure 3A, steps
310, 320, and 330; the ticket granting server retrieves the temporary public key (Ec.temp and
Nc.temp) from the temporary certificate TEMP-CERT to retrieve the ticket granting ticket 
(Tc,tgs) encrypted with the private key of the ticket granting server, expressed as [Tc,tgs] Dtgsy). 

However, Ganesan neither teaches nor suggests authenticating the second message using
the second authentication protocol and providing the authenticated second message to a resource 
manager. This combination of steps explicitly recited in independent claims 1 and 27 renders 
claims 1-14 and 27, respectively, allowable. 

Claims 21-26 are drawn to a system for authentication of messages from a client utilizing 
Kerberos authentication and a resource manager utilizing public key infrastructure (PKI) 
authentication. The closest prior art, Ganesan, U.S. Patent No. 5,535,276 A, shows a similar 
system. 

Ganesan describes a system comprising: 
a public key signature service configured to 

receive a Kerberos service ticket (see column 16, lines 57-63; figure 2, items 110, 3', and
140; receiving a transmitted message with a ticket granting ticket, Tc,tgs, encrypted by Dtgsy), 

authenticate the Kerberos service ticket (see column 17, lines 1-7; figure 3A, step 330;
decrypting the ticket granting ticket to authenticate the user), and 

generate a message incorporating data associated with the authenticated Kerberos service 
ticket which is signed using a digital signature based on a PKI private key (see column 17, lines 
14-25; figure 2, items 110, 140, and 4'; figure 3A, step 340; the ticket granting server signs the
message from the client using its private key). 

However, Ganesan neither shows nor implies PKI certificate so as to allow the resource 
manager to authenticate the message and provide the signed message to the resource manager. 
This distinct feature explicitly recited in independent claim 21 renders claims 21-26 allowable.

Any comments considered necessary by applicant must be submitted no later than the
payment of the issue fee and, to avoid processing delays, should preferably accompany the issue 
fee. Such submissions should be clearly labeled "Comments on Statement of Reasons for 
Allowance." 

Conclusion 

11. The prior art made of record and not relied upon is considered pertinent to applicant's
disclosure. 

• Ganesan, U.S. Patent No. 5,737,419 A discloses a crypto-system where all system users 
have a first private key portion known only to the associated user and a second private 
key portion accessible to a second user. 

Telephone Inquiry Contacts 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Justin T. Darrow whose telephone number is (571) 272-3801, and 
whose electronic mail address is justin.darrow@uspto.gov. The examiner can normally be
reached Monday-Friday from 8:30 AM to 5:00 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron, Jr., can be reached at (571) 272-3799. 

The fax number for Formal or Official faxes to Technology Center 2100 is 571-273-8300.
In order for a formal paper transmitted by fax to be entered into the application file, the
paper and/or fax cover sheet must be signed by a representative for the applicant. Faxed formal
papers for application file entry, such as amendments adding claims, extensions of time, and
statutory disclaimers for which fees must be charged before entry, must be transmitted with an 
authorization to charge a deposit account to cover such fees. It is also recommended that the 
cover sheet for the fax of a formal paper have printed "OFFICIAL FAX". Formal papers 
transmitted by fax usually require three business days for entry into the application file and 
consideration by the examiner. Formal or Official faxes including amendments after final 
rejection (37 CFR 1.116) should be submitted to 571-273-8300 for expedited entry into the 
application file. It is further recommended that the cover sheet for the fax containing an 
amendment after final rejection have printed not only "OFFICIAL FAX" but also 
"AMENDMENT AFTER FINAL". 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 

Any inquiry of a general nature or relating to the status of this application should be 
directed to the Group receptionist whose telephone number is (571) 272-2100. 

September 4, 2005 




JUSTIN T. DARROW 
PRIMARY EXAMINER 
TECHNOLOGY CENTER 2100 



